Bugtraq mailing list archives

Re: blogtorrent remote/local user password disclosure

From: trashtrash () free fr
Date: 14 Jul 2005 05:55:54 -0000

The proposed fix does not work.
How about placing a .htaccess with deny from all in the data and torrents directories ?

I'm not sure that there is a vulnerability. My version of blogtorrent (<0.92) has automatically created the .htaccess...

Current thread:

blogtorrent remote/local user password disclosure Emanuele Gentili (Jul 11)
- <Possible follow-ups>
- Re: blogtorrent remote/local user password disclosure trashtrash (Jul 14)